1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

pop up problem

Discussion in 'Virus & Other Malware Removal' started by edwoodt, Feb 9, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. edwoodt

    edwoodt Thread Starter

    Joined:
    Dec 26, 2003
    Messages:
    19
    my hijack log is included. i hope this is the right place to post this. thanx
     

    Attached Files:

  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    I have split your post off into your own thread. In the future if you have a Question/Problem please start a "New Thread". It get's too confusing trying to address two different people's problem in the same thread and you may get overlooked.

    Please continue in this thread.
     
  3. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    I'm pasting your log in the thread for easier viewing. I'll post directions in my next reply.

    Logfile of HijackThis v1.99.1
    Scan saved at 17:05:10, on 09/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    c:\program files\aim6\anotify.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Eddi\Bureau\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: (no name) - pB49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - rsion - (no file)
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - *B07962-6F74-2D53-2644-206D7942484F} - (no file)
    O2 - BHO: (no name) - ¨¨D-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O2 - BHO: (no name) - ðB497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [loadcastbowsspam] C:\Documents and Settings\All Users\Application Data\software rdr load cast\ping eggs.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD4 Professional\MediaDetector.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SupportPhone] C:\DOCUME~1\Eddi\APPLIC~1\Atommail\PARTTOOL.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163681403125
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
     
  4. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Before we proceed, please post an Uninstall List for me:
    • Open Hijack This and click on the "Open the Misc Tools section" button.
    • Click on the "Open Uninstall Manager" button. Click the "Save List" button.
    • After you click the "Save List" button, you will be asked where to save the file.
    • Pick a place to save it then the list should open in notepad.
    • Copy and paste that list in your next reply to this thread.
     
  5. edwoodt

    edwoodt Thread Starter

    Joined:
    Dec 26, 2003
    Messages:
    19
    thanx here's the log, i'm not sure what 'network play system (patching)' is

    ACDSee
    Ad-Aware SE Personal
    Adobe Flash Player 9 ActiveX
    Adobe Reader 7.0.9 - Français
    AIM
    AIM 6.0
    ArcSoft Multimedia Email
    ArcSoft PhotoStudio 2000
    Audacity 1.2.0
    avast! Antivirus
    Barre d'outils Outlook de Windows Live (Windows Live Toolbar)
    BitComet 0.76
    Bloqueur de fenêtres pop-up (Windows Live Toolbar)
    Bridge Base Online
    Canon ScanGear Toolbox 3.0
    C-Major Audio
    Conexant D110 MDC V.92 Modem
    Correctif pour Windows XP (KB914440)
    Correctif Windows XP - KB873339
    Correctif Windows XP - KB885250
    Correctif Windows XP - KB885835
    Correctif Windows XP - KB885836
    Correctif Windows XP - KB885884
    Correctif Windows XP - KB886185
    Correctif Windows XP - KB887472
    Correctif Windows XP - KB887742
    Correctif Windows XP - KB888113
    Correctif Windows XP - KB888302
    Correctif Windows XP - KB890859
    Correctif Windows XP - KB891781
    Creative WebCam Center
    Creative WebCam Live! Driver (1.00.06.0414)
    Creative WebCam Live! User's Guide (English)
    Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
    DivX Codec
    DivX Content Uploader
    DivX Converter
    DivX Player
    DivX Web Player
    eMule
    Extension de Windows Live Toolbar (Windows Live Toolbar)
    FileZilla Client 3.0.0-beta2
    Full Tilt Poker
    Google Earth
    HijackThis 1.99.1
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Intel(R) Graphics Media Accelerator Driver for Mobile
    Intel(R) PRO Network Adapters and Drivers
    InterActual Player
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    Learn To Play Bridge
    Learn to Play Bridge 2
    Lecteur Windows Media*11
    Menus intelligents (Windows Live Toolbar)
    Messenger Plus! 3
    Messenger Plus! Live & Sponsor
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional avec FrontPage
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)
    Mise à jour de sécurité pour Windows XP (KB890046)
    Mise à jour de sécurité pour Windows XP (KB893066)
    Mise à jour de sécurité pour Windows XP (KB893756)
    Mise à jour de sécurité pour Windows XP (KB896358)
    Mise à jour de sécurité pour Windows XP (KB896422)
    Mise à jour de sécurité pour Windows XP (KB896423)
    Mise à jour de sécurité pour Windows XP (KB896424)
    Mise à jour de sécurité pour Windows XP (KB896428)
    Mise à jour de sécurité pour Windows XP (KB896688)
    Mise à jour de sécurité pour Windows XP (KB899587)
    Mise à jour de sécurité pour Windows XP (KB899589)
    Mise à jour de sécurité pour Windows XP (KB899591)
    Mise à jour de sécurité pour Windows XP (KB900725)
    Mise à jour de sécurité pour Windows XP (KB901017)
    Mise à jour de sécurité pour Windows XP (KB901214)
    Mise à jour de sécurité pour Windows XP (KB902400)
    Mise à jour de sécurité pour Windows XP (KB904706)
    Mise à jour de sécurité pour Windows XP (KB905414)
    Mise à jour de sécurité pour Windows XP (KB905749)
    Mise à jour de sécurité pour Windows XP (KB905915)
    Mise à jour de sécurité pour Windows XP (KB908519)
    Mise à jour de sécurité pour Windows XP (KB908531)
    Mise à jour de sécurité pour Windows XP (KB911280)
    Mise à jour de sécurité pour Windows XP (KB911562)
    Mise à jour de sécurité pour Windows XP (KB911567)
    Mise à jour de sécurité pour Windows XP (KB911927)
    Mise à jour de sécurité pour Windows XP (KB912812)
    Mise à jour de sécurité pour Windows XP (KB912919)
    Mise à jour de sécurité pour Windows XP (KB913446)
    Mise à jour de sécurité pour Windows XP (KB913580)
    Mise à jour de sécurité pour Windows XP (KB914388)
    Mise à jour de sécurité pour Windows XP (KB914389)
    Mise à jour de sécurité pour Windows XP (KB916281)
    Mise à jour de sécurité pour Windows XP (KB917159)
    Mise à jour de sécurité pour Windows XP (KB917344)
    Mise à jour de sécurité pour Windows XP (KB917422)
    Mise à jour de sécurité pour Windows XP (KB917953)
    Mise à jour de sécurité pour Windows XP (KB918439)
    Mise à jour de sécurité pour Windows XP (KB918899)
    Mise à jour de sécurité pour Windows XP (KB919007)
    Mise à jour de sécurité pour Windows XP (KB920213)
    Mise à jour de sécurité pour Windows XP (KB920214)
    Mise à jour de sécurité pour Windows XP (KB920670)
    Mise à jour de sécurité pour Windows XP (KB920683)
    Mise à jour de sécurité pour Windows XP (KB920685)
    Mise à jour de sécurité pour Windows XP (KB921398)
    Mise à jour de sécurité pour Windows XP (KB921883)
    Mise à jour de sécurité pour Windows XP (KB922616)
    Mise à jour de sécurité pour Windows XP (KB922819)
    Mise à jour de sécurité pour Windows XP (KB923191)
    Mise à jour de sécurité pour Windows XP (KB923414)
    Mise à jour de sécurité pour Windows XP (KB923694)
    Mise à jour de sécurité pour Windows XP (KB923980)
    Mise à jour de sécurité pour Windows XP (KB924191)
    Mise à jour de sécurité pour Windows XP (KB924270)
    Mise à jour de sécurité pour Windows XP (KB924496)
    Mise à jour de sécurité pour Windows XP (KB925486)
    Mise à jour de sécurité pour Windows XP (KB926255)
    Mise à jour pour Windows XP (KB894391)
    Mise à jour pour Windows XP (KB898461)
    Mise à jour pour Windows XP (KB900485)
    Mise à jour pour Windows XP (KB904942)
    Mise à jour pour Windows XP (KB910437)
    Mise à jour pour Windows XP (KB916595)
    Mise à jour pour Windows XP (KB920872)
    Mise à jour pour Windows XP (KB922582)
    Movies
    Mozilla Firefox (1.5.0.1)
    Network Play System (Patching)
    OneCare Advisor (Windows Live Toolbar)
    PCFriendly
    RealPlayer
    Roll
    Spybot - Search & Destroy 1.4
    SpywareBlaster v3.5.1
    The Sims
    VideoLAN VLC media player 0.8.5
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live Favorites pour Windows Live Toolbar
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 2
    Yahoo! Anti-Spy
    Yahoo! Install Manager
    Yahoo! Messenger
    Yahoo! Toolbar
     
  6. edwoodt

    edwoodt Thread Starter

    Joined:
    Dec 26, 2003
    Messages:
    19
    ps on the configuation window of hijack my 'default start page' is about:blank

    when i open ie i get my 5 home pages plus a small blank page.
     
  7. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    * Go to Add/Remove programs and uninstall these old versions of Java:

    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9



    * Part of the infection you have right now came from Messenger Plus! and it's so called "Sponsor" which is actually LOP malware. One of the oldest and most devious malwares ever. Although the program itself is a good program, it is my opinion that any application that aligns itself with scum like LOP should be boycotted. I would uninstall Messenger Plus! if I were you, but that is your choice.

    * At the very least, you need to follow these directions to remove the Messenger Plus Sponsor (LOP malware):

    • Double-click on "Messenger Plus! Live & Sponsor" or click on Remove.
    • The "Messenger Plus! Live - Uninstaller" is now displayed.
    • If Messenger Plus!'s sponsor is currently installed, two options are displayed. Both of them will uninstall the sponsor.
    • If you want to keep Messenger Plus!, choose the first option.
    • Press "Next" or "Uninstall" depending on the option you choose.
    • If you choose to uninstall Messenger Plus!, another set of options will be displayed.
      • These options are related to Messenger Plus! only and will not affect the uninstallation LOP.
    • The sponsor screen is now displayed (if you don't see it, look for it in your Task Bar).
    • To show that someone is actually reading that screen, you will have to type the code that is displayed.
    • Follow the next instructions that are displayed to finish the uninstallation.
    • The first option is to close all your Internet Explorer windows. It's important that you do this.
    • When everything is complete, restart your computer and LOP should be gone.


    ** Go ahead and run NoLOP also to make sure that LOP is gone:


    * Download NoLop to your desktop from one of the links below...
    Link 1
    Link 2
    Link 3
    • First close any other programs you have running as this will require a reboot
    • Double click NoLop.exe to run it.
    • Now click the button labelled "Search and Destroy"
      <<your computer will now be scanned for infected files>>
    • When scanning is finished you will be prompted to reboot only if infected, Click OK
    • Now click the "REBOOT" Button.
    • A Message should popup from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HijackThis log
    --If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program. --
     
  8. edwoodt

    edwoodt Thread Starter

    Joined:
    Dec 26, 2003
    Messages:
    19
    dear floorman, thanx for the advice. my daughter had installed mess plus. a few weeks ago she decided to change to windows live mess; it seems that's when the problem started. i've uninstalled mess plus & the problem has disappeared so i'm not gonna bother with nolop.
    two other questions for u if you have the time. 1) u had me uninstall older versions of java runtime, which makes perfect sense- so as a general rule, if i see that an update of any given program shows up as a separate one in (add/delete) i can get rid of the old one?
    2) one thing i've never learned how to do is edit my registry or at least understand how it works -e.g. i 've been told that when u delete programs there are bits that remain in the registry that eventually create problems -or like the time when a friend came over to eliminate a hijack problem on my old win98 puter & he went into the registry & deleted an entry and the problem was gone immediately. how can i learn this for myself? thanx for any help.
     
  9. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    1: Yes, as a general rule this is true.

    2: The best way that I know for you to learn more about the registry is to take the malware removal training at GeekU. They have an excellent registry study as part of this training. Granted, the majority of training is for malware removal, but all that will benefit you too. You may even decide you want to help on the forums if you take this training. You can find the info you need for signing up for that training here. I am a moderator there too. If you have any other questions, please feel free to ask.

    If you don't want to take all that malware training and just want to learn the registry, I'm sure I can dig you up some tutorials on that. Just let me know.


    Now back to the infected pc. I realize that LOP has probably been removed, but in 99% of these cases we find other residual infections so I'd like for you to do at least one online virus scan for me. I may want you to do another scan after that depending on what the first one finds.

    Please run ActiveScan online virus scan here

    When the scan is finished, click on the "Save Report" button an save the results of the scan to your desktop.

    Note: You have to use Internet Explorer to do the online scan.

    Post a new HiJackThis log along with the results from ActiveScan
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/542597

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice